Ok, first, for this tutorial, you're going to need 2 things.
1.) IDA (Interactive Disassembler)
2.) Ollydbg (Tool made by god himself)
So I was looking for Windmill in skill.dll because I heard about a mod you can do to windmill (Sorry, I can't specify what I heard)
I turned on IDA and loaded Skill.dll (You might want to wait for it to fully load the dll, which can take up to 20 minutes)
Then I pressed Alt+T, which should've brought up a box asking you what to search for.
What I was searching for is "CSkillWindmill", because I'm looking for windmill. To find a specific skill via text searching, search for something of the form CSkill<SkillName>: replace "SkillName" with the name of the skill you're looking for, and drop the angle brackets.
So, I started searching for Windmill.
My first result looked like this: Unfortunately, that's not what I'm looking for. You can tell because there are tons of things relating to other skills at the same address.
Keep pressing Ctrl+T (search next) until you get to something that has a lot of stuff related to Windmill.
If you think you found the skill's section, it should look something like this:
It should look like that for a couple of reasons: 1.) A logical reason: there's A LOT of windmill code there, all under separate addresses in the section in the screenshot.
2.) It says ?GetId@CSkillWindmill. Most of the time, when it says that, it's the beginning of the skill.
Now it's time to open up ollydbg. Copy down the address that windmill started at (10019180) and open skill.dll in olly. Press Ctrl+G and paste or type in the address I told you to copy.
Olly should look like this if you're following this tutorial w/ windmill in skill.dll (Sorry I'm not actually teaching you how to do an actual mod, since I couldn't think of any mods to show that weren't UG): Why should it look like this? Because it means you successfully went to the start of windmill in Skill.dll using olly.
Let's say we wanted to find the address that determines your race and gives you a penalty due to your race (Racist..). We'd scroll down in olly until we found something that makes sense for it to be race and penalty related.
Let's scroll down... Keep scrolling..
Oh look! I found something! It says ?GetRaceDesc in the string, and under it there's something with another string in unicode saying "windmill_penalty"!
If you can't find that, you scrolled too far or didn't scroll long enough.
Let's say we wanted to kill whatever the penalty for being a different race is. We'd look for a JE a few lines under the call that said ?GetRaceDesc in the string.
100199F8 is an address not too far from the call, and it's a JE. Let's see where it's supposed to jump to if the condition holds, by left-clicking on it and looking at the box that says something like "10019A4E=Skill.10019A4E" (Look down). That's the information saying where the jump conditionally goes.
Let's see where that jump tells you to go to by pressing Ctrl+G and typing in "10019A4E"
It jumps a few lines down, which means that if the jump were unconditional, it'd send you past the check for your race penalty. Double-click the JE at 100199F8, and in the text box that appears, replace JE with JMP.
Congratulations, if it wasn't patched, or if it actually does something, you just avoided the penalty for your race using windmill, and found what to change!
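As an added example from the other side of the fence (not code from the original post): the JE-to-JMP edit above is a single opcode byte, so an integrity check against a known-good copy can spot it. This Python snippet hashes a code section and diffs two copies to find short conditional jumps that were flipped to unconditional ones; it generalizes to every short Jcc, not just JE. All bytes, the load address and the sample section are constructed here, not taken from Skill.dll.

```python
# Added example, not code from the original post. Every byte and address below
# is constructed for illustration and is not taken from Skill.dll.
import hashlib

IMAGE_BASE = 0x10000000   # assumed load address, only used to print addresses

JMP_SHORT = 0xEB          # unconditional short jump: EB rel8
# short conditional jumps are 70..7F rel8; map opcode -> mnemonic
JCC_SHORT = dict(zip(range(0x70, 0x80),
                     "jo jno jb jae je jne jbe ja js jns jp jnp jl jge jle jg".split()))

def section_digest(code: bytes) -> str:
    """SHA-256 of the code bytes, to compare with a known-good value."""
    return hashlib.sha256(code).hexdigest()

def find_flipped_jumps(original: bytes, suspect: bytes, base: int = IMAGE_BASE):
    """Byte-diff two copies of the same code section and report places where
    a short conditional jump was rewritten as an unconditional JMP with the
    same rel8 target (the one-byte edit described in the tutorial).
    Returns a list of (virtual address, original mnemonic)."""
    if len(original) != len(suspect):
        raise ValueError("code sections differ in length")
    hits = []
    for off, (a, b) in enumerate(zip(original, suspect)):
        if a == b or a not in JCC_SHORT or b != JMP_SHORT:
            continue
        # the rel8 displacement must be untouched for this to be a jump flip
        if off + 1 < len(original) and original[off + 1] == suspect[off + 1]:
            hits.append((base + off, JCC_SHORT[a]))
    return hits

# Constructed sample section: a compare, a JE over a 4-byte block, and a ret.
ORIGINAL = bytes([0x3B, 0xC1,              # cmp eax, ecx
                  0x74, 0x04,              # je  +4  (skips the next 4 bytes)
                  0x90, 0x90, 0x90, 0x90,  # nop x4 (the "penalty" block)
                  0xC3])                   # ret
# The same bytes with the JE opcode changed to JMP, as a patched file would look.
PATCHED = ORIGINAL[:2] + bytes([JMP_SHORT]) + ORIGINAL[3:]

if __name__ == "__main__":
    print("digest matches:", section_digest(ORIGINAL) == section_digest(PATCHED))
    for addr, mnem in find_flipped_jumps(ORIGINAL, PATCHED):
        print("%08X: %s rewritten as jmp" % (addr, mnem))
```

In practice the known-good copy is the vendor's file (or its hash) and the suspect is what is on disk or mapped in the process; a digest mismatch tells you something changed, and the diff tells you whether it was this kind of edit.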